CVE-2024-34475

Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: gmm_state_authentication in amf/gmm-sm.c for != OGS_ERROR.
Configurations

No configuration.

History

21 Nov 2024, 09:18

Type Values Removed Values Added
References () https://github.com/open5gs/open5gs/compare/v2.7.0...v2.7.1 - () https://github.com/open5gs/open5gs/compare/v2.7.0...v2.7.1 -
References () https://github.com/open5gs/open5gs/pull/3122 - () https://github.com/open5gs/open5gs/pull/3122 -

03 Jul 2024, 02:00

Type Values Removed Values Added
CWE CWE-617
Summary
  • (es) Open5GS anterior a 2.7.1 es vulnerable a una afirmación accesible que puede causar una falla de AMF a través de mensajes NAS desde un UE: gmm_state_authentication en amf/gmm-sm.c para != OGS_ERROR.
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

05 May 2024, 00:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-05 00:15

Updated : 2024-11-21 09:18


NVD link : CVE-2024-34475

Mitre link : CVE-2024-34475

CVE.ORG link : CVE-2024-34475


JSON object : View

Products Affected

No product.

CWE
CWE-617

Reachable Assertion